Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

cycognito

Emerging Security Issue: HashiCorp Vault SSH CVE-2024-7594

Oct 1, 2024 By Emma Zaballos In CyCognito
CVE-2024-7594 is a severe unrestricted authentication issue affecting HashiCorp’s Vault’s SSH secrets engine. The National Institute of Standards and Technology (NIST) has not yet evaluated this vulnerability’s CVSS score but HashiCorp assigned it a base score of 7.5 (high). An outside security researcher, Jörn Heissler, discovered an issue with the valid_principals field in Vault’s SSH secrets engine.
Read Post

Organizational Resiliency in Healthcare: Preparing for System Downtime #shorts #healthcare

Oct 1, 2024 By Rubrik In Rubrik
Building organizational resilience is critical in healthcare. But it's not just about preventing cyberattacks—it's about ensuring patient care continues even when systems go down. Practicing cyber resilience through well-defined downtime procedures and understanding the critical outcomes for patients is essential. As Anahi Santiago, Chief Information Security Officer at ChristianaCare, emphasizes, knowing the path to achieve these outcomes, even in a crisis, is key to maintaining high standards of care.
View Video

Building a Cyber Resilient Healthcare System with Anahi Santiago, CISO at ChristianaCare

Oct 1, 2024 By Rubrik In Rubrik
Welcome to the Data Security Decoded podcast, brought to you by Rubrik Zero Labs. In each installment, we discuss cybersecurity with thought leaders and industry experts, and get their take on trends, themes, and where they see the sector going next. This is a must-listen for security and IT leaders looking to better understand trends shaping data security and how they can achieve cyber resilience.
View Video
veracode

Celebrating Five Years as a Customers' Choice in Application Security Testing

Oct 1, 2024 By Colleen Reidy In Veracode
We are thrilled to announce that, thanks to your support and trust, Veracode has been recognized as a Customers' Choice in the 2024 Gartner Peer Insights Voice of the Customer for Application Security Testing for the fifth consecutive year! We believe this distinction is not just a testament to our solutions and services but, more importantly, a reflection of the strong partnerships we have formed with each of you.
Read Post
elastic

The 2024 Elastic Global Threat Report: Visibility enhanced

Oct 1, 2024 By Devon Kerr, In Elastic
Elastic Security Labs discovers that threat actors are taking advantage of readily available abused security tools and misconfigured environments. Elastic Security Labs has released the 2024 Elastic Global Threat Report, surfacing the most pressing threats, trends, and recommendations to help keep organizations safe for the upcoming year. Threat actors are finding success from the use of offensive security tools (OSTs), a misconfiguration of cloud environments, and a growing emphasis on Credential Access.
Read Post
Pentest People

SecurePortal 2.9 - Introducing Live Reporting

Oct 1, 2024 By Pentest People In Pentest People
We are thrilled to introduce two exciting new features to SecurePortal: Live Vulnerabilities and Chat. With Live Vulnerabilities, you can now access real-time vulnerability information as consultants identify them, significantly reducing the risk window. This enhancement enables your IT teams to begin triaging vulnerabilities within minutes, rather than waiting for the full assessment to be published. You can mark vulnerabilities as resolved as soon as they are fixed, even during an ongoing engagement.
Read Post

[Cybersecurity Awareness Month 2024] Incident Response Fiona Anna Collard

Oct 1, 2024 By KnowBe4 In KnowBe4
In a world where cybersecurity incidents are no longer a matter of if they will happen, but when, having a solid incident response plan is a critical component of cyber resilience and business continuity. The National Institute of Standards and Technology (NIST) provides comprehensive guidelines on how to set up an executive incident response. For this blog, Anna Collard will be drawing inspiration from Fiona, the vibrant and friendly PA to the IT director in the first season of our security awareness series "The Inside Man," to illustrate how effective incident response should be managed.
View Video
salt security

Seeing the Unseen: Salt Security and eBPF

Oct 1, 2024 By Eric Schwake In Salt Security
APIs are crucial in our digital world, but they also introduce new vulnerabilities. Attackers often exploit these vulnerabilities by concealing malicious payloads within encrypted traffic, rendering them undetectable to traditional security tools. As we observe Cybersecurity Awareness Month, it's important to emphasize the significance of advanced solutions that can detect hidden threats.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.